Package: mosquitto
Version: 1.5.7-1
Severity: important
Regarding severity, see [1].
| root@raven:~# systemctl --failed
| UNIT LOAD ACTIVE SUB DESCRIPTION
| ● logrotate.service loaded failed failed Rotate log files
| root@raven:~# journalctl -u logrotate.service
| -- Logs begin at Fri 2019-09-13 13:14:46 CEST, end at Sat 2019-09-14 10:46:55
CEST. --
| Sep 14 00:00:01 raven systemd[1]: Starting Rotate log files...
| Sep 14 00:00:02 raven logrotate[17281]: logrotate_script: 2:
logrotate_script: /usr/bin/killall: not found
| Sep 14 00:00:02 raven logrotate[17281]: error: error running non-shared
postrotate script for /var/log/mosquitto/mosquitto.log of
'/var/log/mosquitto/mosquitto.log '
| Sep 14 00:00:02 raven systemd[1]: logrotate.service: Main process exited,
code=exited, status=1/FAILURE
| Sep 14 00:00:02 raven systemd[1]: logrotate.service: Failed with result
'exit-code'.
So, there's a few things wrong with this logrotate setup:
| root@raven:~# grep -A1 postro /etc/logrotate.d/mosquitto
| postrotate
| /usr/bin/killall -HUP mosquitto
First, you should never use killall (or pkill) to send signals to
processes by name out of system scripts. You may only send things to
your processes, and you don't control which other things on the system
might be called mosquitto.
Second, *if* you use killall, you need to ensure it's actually
installed. killall is shipped by the psmisc package, which is not
Essential, yet the mosquitto packages doesn't depend on it. Further,
the postrotate snippet probably should NOT supply the full path to the
script[2].
However, what the script probably should do is reload its service using
something like apache2 does:
| postrotate
| if invoke-rc.d apache2 status > /dev/null 2>&1; then \
| invoke-rc.d apache2 reload > /dev/null 2>&1; \
| fi;
| endscript
This will call the service's reload thing. Your sysV init script
already correctly sends a HUP only to the service process. It seems
the systemd service file doesn't. I don't know if this is the proper
way to deal with this issue but the following should work:
@@ -8,6 +8,7 @@
Type=notify
NotifyAccess=main
ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf
+ExecReload=/bin/kill -HUP ${MAINPID}
Restart=on-failure
[Install]
Cheers,
PS: please consider updating the version in stable.
Cheers,
1: This could be serious, since "Packages must include a "Depends:" line
listing any other packages they require for operation", but then it's
"just" logrotation. Either way, please fix :)
2: | Programs called from maintainer scripts should not normally have a
| path prepended to them. [...] These considerations really apply to
| all shell scripts.
--
| .''`. ** Debian **
Peter Palfrader | : :' : The universal
https://www.palfrader.org/ | `. `' Operating System
| `- https://www.debian.org/
